Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1783)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments...

Cisco NX-OS Software Virtualization Manager Command Injection (CVE-2019-12717)

A vulnerability in a CLI command related to the virtualization manager VMAN in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of...

Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1795)

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed ...

Cisco NX-OS Software Line Card Command Injection Vulnerability (CVE-2019-1769)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system of an attached line card with the privilege level of root. The vulnerability is due to insufficient...

The vulnerability of the `ksmbd_verify_smb_message()` function in the `fs/smb/server/smb_common.c` file of the KSMBD file system of the Linux operating system allows a attacker to access protected information or cause service failures.

The vulnerability of the ksmbdverifysmbmessage function in the fs/smb/server/smbcommon.c file of the KSMBD file system in the Linux operating system is related to the lack of control over the request identifier. Exploiting this vulnerability could allow a remote attacker to access protected...

The vulnerability of the udf_close_lvid() function in the fs/udf/super.c module of the Linux operating system allows a attacker to compromise the accessibility of protected information.

The vulnerability of the udfcloselvid function in the fs/udf/super.c module of the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the accessibility of protected information...

The vulnerability of the io_uring subsystem in Linux operating systems allows a hacker to elevate their privileges to the level of root.

The vulnerability of the iouring subsystem in Linux operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level...

CVE-2023-31190

DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper Authentication vulnerability during the firmware update procedure. Specifically, the firmware update procedure ignores and does not check the validity of the TLS certificate of the HTTPS endpoint from which t...

Authentication flaw

DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper Authentication vulnerability during the firmware update procedure. Specifically, the firmware update procedure ignores and does not check the validity of the TLS certificate of the HTTPS endpoint from which t...

CVE-2023-31190 Missing TLS (HTTPS) certificate validation during firmware update in DroneScout ds230 Remote ID receiver from BlueMark Innovations

DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper Authentication vulnerability during the firmware update procedure. Specifically, the firmware update procedure ignores and does not check the validity of the TLS certificate of the HTTPS endpoint from which t...

CVE-2023-31190 Missing TLS (HTTPS) certificate validation during firmware update in DroneScout ds230 Remote ID receiver from BlueMark Innovations

DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper Authentication vulnerability during the firmware update procedure. Specifically, the firmware update procedure ignores and does not check the validity of the TLS certificate of the HTTPS endpoint from which t...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2023-28365

A backup file vulnerability found in UniFi applications Version 7.3.83 and earlier running on Linux operating systems allows application administrators to execute malicious commands on the host device being restored...

ALSA-2023:3847 Moderate: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: tls: race condition in dotlsgetsockopt may lead to use-after-free or NULL pointer dereference CVE-2023-28466 For more details about the security issues, including the impact, a CVSS score...

CVE-2023-25188

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP as a BTS administrator removes security hardenings from the Nokia Single RAN BTS baseband unit, the BTS baseband unit diagnostic tool AaShell which is by default disabled allows unauthenticated access from...

Huawei EulerOS: Security Advisory for sysstat (EulerOS-SA-2023-2049)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as...

ALSA-2023:3349 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: netfilter: use-after-free in nftables when processing batch requests can lead to privilege escalation CVE-2023-32233 For more details about the security issues, including the impact, a CV...

Debian dla-3434 : isag - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3434 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3434-1 [email protected]...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...